Abstract
As a great number of IoT and mobile devices are used in our daily lives, the security of mobile devices is being important than ever. If mobile devices which play a key role in connecting devices are exploited by malware to perform malicious behaviors, this can cause serious damage to other devices as well. Hence, a huge research effort has been put forward to prevent such situation. Among them, many studies attempted to detect malware based on APIs used in malware. In general, they showed the high accuracy in detecting malware, but they could not classify malware into detailed categories because their detection mechanisms do not consider the characteristics of each malware category. In this paper, we propose a malware detection and classification approach, named ACAMA, that can detect malware and categorize them with high accuracy. To show the effectiveness of ACAMA, we implement and evaluate it with previously proposed approaches. Our evaluation results demonstrate that ACAMA detects malware with 26% higher accuracy than a previous work. In addition, we show that ACAMA can successfully classify applications that another previous work, AVClass, cannot classify.
Highlights
By 2025, it is expected that there will be 55.9 billion connected devices worldwide and 79.4 ZB of data generated by IoT devices [1], and 9 billion smartphones will be connected by 2024 [2]
We proposed ACAMA that identifies malware and classifies malware into specific categories based on behavioral characteristics of malware
We evaluated ACAMA by comparing its performance with a previous approach proposed by Kim et al [11]
Summary
By 2025, it is expected that there will be 55.9 billion connected devices worldwide and 79.4 ZB of data generated by IoT devices [1], and 9 billion smartphones will be connected by 2024 [2]. Erefore, it is critical to protect users from malware by accurately and quickly detecting Android malicious applications. To quickly analyze and respond to malicious applications, it is very important to identify their behaviors and classify them. We discuss previous approaches for detecting malware by using APIs as a feature and other related work. Many approaches were proposed to analyze malicious applications using their APIs [5,6,7,8,9, 11,12,13,14,15,16,17]. Nix et al [9] detected malware from API calls in applications by using the CNN. The method of bagging ensemble other algorithms is not suitable for classifying malware into specific categories [5, 11]
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
